Lead Cloud Security Engineer

Meet the Moment with Alteryx We're living through a once-in-a-generation shift in how work gets done. Data, automation, and AI are quickly becoming the center of every business decision - and Alteryx is leading the transformation. You'll be working on the challenges that sit at the heart of modern business. No matter your role, the work you do will help organizations move faster, see more clearly, and tackle questions that used to feel impossible. If you're ready to meet the moment with innovation, curiosity, and excellence, there's a place for you here. We are seeking a highly skilled Lead Cloud Security Engineer to lead the design, implementation, and continuous improvement of our cloud security posture across AWS, GCP, and Azure. The ideal candidate will have deep expertise in Zero Trust architecture, least privilege models, Kubernetes security, cloud security architecture, and threat modeling, along with hands-on experience in Terraform, scripting, and automation. This role will also support our DevSecOps initiatives by embedding security into CI/CD pipelines and reviewing new cloud services and containerized workloads for security risks. Key Responsibilities: Cloud & Kubernetes Security Architecture Design and implement security architectures for multi-cloud environments (AWS, GCP, Azure) based on Zero Trust and least privilege principles. Build and enforce security controls for Kubernetes clusters (EKS, GKE, AKS) covering RBAC, network policies, runtime security, and secrets management. Perform architecture and design reviews of new cloud services and containerized workloads. Lead cloud and container threat modeling exercises to identify and mitigate risks early in the design phase. Security Governance & Risk Management Define and implement policies, standards, and guidelines for secure cloud and container operations. Partner with platform teams to integrate security-as-code using Terraform and CI/CD pipelines. Continuously assess cloud and Kubernetes environments for misconfigurations, vulnerabilities, and compliance gaps. Automation & Tooling Develop automation for cloud and Kubernetes security monitoring, vulnerability management, and compliance enforcement. Evaluate and integrate new cloud-native and container-native security tools (e.g., Falco, Trivy, Aqua, Prisma Cloud). DevSecOps & Secure SDLC Support Embed security into CI/CD pipelines with automated scanning for infrastructure, container images, and application code. Support secure image building, signing, and deployment practices. Mentor teams on secure cloud-native development and operations. Cross-Functional Collaboration & Leadership Serve as a subject matter expert (SME) for cloud and Kubernetes security across the organization. Influence strategic security initiatives and provide technical guidance to engineering teams. Required Qualifications: 8+ years of experience in Information Security, with 5+ years in cloud security architecture. Expertise in AWS, GCP, and Azure security features, controls, and best practices. Proven experience with Kubernetes security (RBAC, network policies, admission controllers, runtime security). Strong background in Zero Trust architectures, least privilege models, and threat modeling. Proficiency in Terraform and scripting languages (Python, Bash, PowerShell, etc.). Experience with IAM, network security, encryption, and key management. Familiarity with DevSecOps, secure CI/CD pipelines, and container image security. Excellent problem-solving, communication, and collaboration skills. Preferred Qualifications: Relevant certifications (e.g., CCSP, CISSP, AWS Security Specialty, GCP Professional Cloud Security Engineer, Azure Security Engineer Associate). Experience with container security (Kubernetes, Docker) and cloud-native security platforms. Good to have knowledge of compliance frameworks (ISO 27001, SOC 2, PCI-DSS, etc.). Find yourself checking a lot of these boxes but doubting whether you should apply? At Alteryx, we support a growth mindset for our associates through all stages of their careers. If you meet some of the requirements and you share our values, we encourage you to apply. As part of our ongoing commitment to a diverse, equitable, and inclusive workplace, we’re invested in building teams with a wide variety of backgrounds, identities, and experiences. This position involves access to software/technology that is subject to U.S. export controls. Any job offer made will be contingent upon the applicant’s capacity to serve in compliance with U.S. export controls. Apply To This Job